package com.bzchao.controller;

import com.bzchao.domain.Msg;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

/**
 * Created by yangyibo on 17/1/18.
 */
@RestController
public class HomeController {

    @RequestMapping("/login")
    public String login() {
        return "login";
    }

    @PreAuthorize("permitAll")
    @RequestMapping("/user")
    public Object user() {
        return SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    }

    @RequestMapping("/admin")
    public String hello() {
        //拥有admin权限
        return "hello admin";
    }

    @RequestMapping("/chao")
    //拥有url权限
    public String chao() {
        return "hello chao";
    }

    @RequestMapping("/test")
    public String test() {
        //任何用户都应该有的权限
        return "hello test";
    }
}
